U.S. Department of Energy 
Office of Inspector General 
Office of Inspections and Special Inquiries 



Inspection Report 


Internal Controls Over Classified Computers 
and Classified Removable Media at the 
Lawrence Livermore National Laboratory 






Department of Energy 

Washington, DC 20585 
December 5, 2003 



MEMORANDUM FOR 
FROM: 

Inspector General 

SUBJECT: INFORMATION : Inspection Report on “Internal Controls 

Over Classified Computers and Classified Removable Media at 
the Lawrence Livermore National Laboratory” 


SECRETARY 



Gregory H. Friedman 


BACKGROUND 


Computers are used extensively in the full range of operations at the Department of 
Energy’s (DOE) Lawrence Livermore National Laboratory (Livermore), including 
processing classified national security information. Livermore maintains a significant 
inventory of classified laptop and desktop computers, as well as classified removable 
media, such as hard drives and computer disks. DOE policy requires strict inventory 
controls over classified computers and classified removable media. The purpose of this 
inspection was to determine the adequacy of internal controls over classified computers 
and classified removable media at Livermore. 

RESULTS OF INSPECTION 


During the inspection, we were able to physically locate each of the classified laptop 
computers listed in Livermore’s inventory, as well as each of the classified desktop 
computers and classified removable hard drives we selected for sampling. At the same 
time, we did identify certain internal control weaknesses in Livermore’s administration of 
its classified computer and classified removable media inventories, increasing the 
vulnerability of these items to loss, abuse, and theft. Specifically, we found that: 

• Classified Nuclear Emergency Search Team computer equipment and 
removable media were not subjected to required inventories; 

• Six classified desktop computers that had been shipped permanently to other 
DOE sites remained in Livermore’s property inventory; and 

• A classified removable hard drive was not entered into Livermore’s classified 
removable media tracking and accounting system, as required. 
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The findings in this report complement several recent Inspector General reports 
concerning the adequacy of internal controls over sensitive property such as classified 
computers and firearms at Departmental facilities. Given current national security 
concerns, the Department and its contractors must make a maximum effort to safeguard 
classified computers and classified media to reduce the possibility of loss, abuse, and 
theft. Consequently, this report includes several recommendations to help to achieve this 
objective. Because of the security implications, during our inspection we alerted 
Livermore officials to our findings, so appropriate corrective actions could be initiated 
immediately. 

MANAGEMENT REACTION 


Management agreed with our findings and recommendations and identified the corrective 
actions already taken or planned to address our concerns. 
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Overview 


INTRODUCTION 
AND OBJECTIVE 


Computers are used extensively in the full range of operations at 
Lawrence Livermore National Laboratory (Livermore), including 
processing classified national security information. Livennore 
reported an inventory of 86 classified laptop computers and 1,141 
classified desktop computers as of March 2003. In addition, 
Livermore reported approximately 15,000 pieces of classified 
removable media. Department of Energy (DOE) policy requires 
strict inventory controls over classified computers and classified 
removable media. 

The objective of this inspection was to detennine the adequacy of 
internal controls over the accountability of classified computers 
and classified computer removable media at Livennore. This 
inspection complements similar work performed at Los Alamos 
National Laboratory, '‘Interim Inspection Report on Inspection of 
Internal Controls Over Personal Computers at Los Alamos 
National Laboratory” (DOE/IG-0597, April 2003); the Savannah 
River Site, “ Inspection of Internal Controls Over Laptop and 
Desktop Computers at the Savannah River Site” (INS-L-03-09, 
July 29, 2003); and other laboratories, ‘‘Management of Sensitive 
Equipment at Selected Locations ” (DOE/IG-0606, June 2003). It 
also complements our recent inspection of Livermore’s internal 
controls over firearms, ‘‘Firearms Internal Controls at the 
Lawrence Livermore National Laboratory (DOE/IG-0621, 
September 2003). 
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Internal Controls Over Classified Computers 
and Classified Removable Media at the 
Lawrence Livermore National Laboratory 




OBSERVATIONS 
AND CONCLUSIONS 


We were able to account for each of the 86 classified laptop 
computers listed in Livermore’s property inventory, as well as the 
272 classified desktop computers and 200 classified removable hard 
drives we selected for sampling. Despite this, we determined that 
there were significant inadequacies in the internal controls over 
classified computers and classified removable media at Livermore. 

Specifically, we found that: 

• Classified National Nuclear Security Administration (NNSA) 
Nuclear Emergency Search Team (NEST) computer equipment 
and removable media were not subjected to required inventories; 

• Six classified desktop computers that were shipped pennanently 
to other DOE sites and organizations remained in Livermore’s 
property inventory; and 

• A classified removable hard drive was not entered into 
Livermore’s tracking and accounting system for classified 
removable media, as required. 

Because of the security implications, during our inspection we 
alerted Livermore officials to our findings, so appropriate 
corrective actions could be initiated immediately. 
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Details of Findings 


NEST We found that classified NEST computer equipment and 

EQUIPMENT removable media were not subjected to required inventories. DOE 

policy presented in the “Classified Matter Protection and Control 
Manual” requires that NEST classified computer equipment and 
related media undergo a complete inventory at least once a month by 
two individuals. Based on historical events and the clear vulnerability 
of classified computer equipment and media, such exceptional 
inventory requirements are an essential component of the 
Department’s effort to ensure national security. However, we 
identified three pieces of NEST classified computer equipment and 
five classified removable media that were not being inventoried on a 
monthly basis by two individuals; rather, inventories were conducted 
intennittently at longer intervals by one person. Additionally, we 
identified two NEST classified removable media that were being 
inventoried on an annual basis, but not on a monthly basis as required. 
Reportedly, these media did not contain sensitive information. A 
Livermore official responsible for the NEST equipment advised that 
he was unaware of the DOE inventory requirements. 

TRANSFERRED We found that six classified desktop computers that were shipped 

CLASSIFIED pennanently to other DOE sites and organizations remained in 

COMPUTERS Livermore’s property inventory. The six classified desktop computers 

were sent to other DOE sites and organizations one or more years ago 
under the DOE Secure Communications and Teleconferencing 1 
(SCAT) project. Details on the computers’ locations and dates of 
shipment are as follows: 


Type 

DOE Location 

Date Shipped 

Desktop Computer 

Bechtel, Andrews 
AFB, MD 

7/29/99 

Desktop Computer 

Pantex Plant, 
Amarillo, TX 

8/23/99 

Desktop Computer 

ORISE, 

Kirtland AFB, NM 

10/25/00 

Desktop Computer 

DOE, 

Wash., DC 

12/12/00 

Desktop Computer 

Savannah River 

Site Office, GA 

1/24/01 

Desktop Computer 

Yarrow, Assoc., 
Fairfax, VA 

10/25/01 


1 The SCAT system is used for crisis and routine communication by DOE, the Department of Homeland Security, 
and other emergency response organizations. Livermore is responsible for the acquisition and transfer of all SCAT 
computers to DOE sites and organizations in the SCAT program. 
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CLASSIFIED 

REMOVABLE 

MEDIA 


We were advised that the transfer of ownership for the six 
computers was not completed in a timely manner because the 
property representative responsible for the transfer had overlooked 
the requirement. A Livermore official said that action was being 
taken to transfer ownership of the six classified computers to the 
appropriate DOE sites and organization. 

We found that a classified removable hard drive was not entered 
into Livermore’s tracking and accounting system for classified 
removable media. We accounted for each of the 200 classified 
removable hard drives in our judgmental sample of the 2,309 
classified removable hard drives listed in Livermore’s tracking and 
accounting system. However, during our sampling of the classified 
removable hard drives, we identified a classified removable hard 
drive that was not entered into Livermore’s tracking and 
accounting system. We were advised that the reason for this was 
an oversight by a Livermore employee. Hie exclusion of any 
classified media from the Laboratory’s tracking system, regardless 
of the underlying cause, has serious implications for the security 
and accountability of highly sensitive materials. 

Livermore officials informed us that they took immediate action to 
correct this condition. Livermore officials advised that they 
entered the classified hard drive into livermore’s tracking and 
accounting system. Livermore officials also advised that they 
conducted a physical inventory of all classified removable hard 
drives and that all other media was being tracked and accounted 
for. Lurther, Livermore officials advised that Livermore published 
a “Lessons Learned” bulletin reminding all employees that all 
“classified removable electronic media” are accountable and must 
be tracked in Livermore’s tracking and accounting system for 
classified removable media. 
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RECOMMENDATIONS 


MANAGEMENT 

COMMENTS 


INSPECTOR 

COMMENTS 


Livermore’s failure to adequately enforce inventory and 
accountability requirements for classified items increases the 
vulnerability of classified computers and media, including critical 
NEST equipment, to loss, abuse, and theft. Therefore, we 
recommend that the Manager, Livennore Site Office, ensure that: 

1. All NEST classified computer equipment and removable media 
are subjected to inventory reviews in accordance with DOE 
policy; 

2. Livermore transfers the ownership of all SCAT classified 
desktop computers to the appropriate DOE sites and 
organizations; and 

3. Steps are taken to ensure that classified media is immediately 
controlled upon being designated as classified. 

On November 18, 2003, the Associate Administrator for 
Management and Administration, National Nuclear Security 
Administration, provided written comments on our draft inspection 
report. The Associate Administrator’s verbatim response is 
included as Appendix B to this report. Management agreed with 
the report findings and recommendations and identified corrective 
actions taken or planned relating to the recommendations. 

We consider management’s comments and actions regarding 
the findings and recommendations contained in our report to be 
responsive. 
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Appendix A 


SCOPE AND 
METHODOLOGY 


• Livermore Management and Operating Contracts. 

• DOE Property Management Regulations, Title 41 Code of 
Federal Regulations, Chapter 109. 

• Livermore Property Management Policies and Procedures. 

• DOE M 471.2-1C, Classified Matter Protection and Control 
Manual, Approved 4-17-01. 

• DOE M 471.2-2, Classified Information Systems Security 
Manual, dated 8-3-99. 

• Livermore’s Classified Document User’s Manual, dated 
October 2002. 

• Livermore’s Accountable Documents and Media Procedures, 
dated September 2000, Revised March 11, 2002. 

• Livermore’s General Plan 4001 vl.3, General Computer 
Security Plan for PL-1 Multiple User Classified Systems, dated 
July 30, 2002. 

• Livermore’s Policy 4303 v4.3, Classified - Single User Stand 
Alone (SUSA) Security Plan, dated July 24, 2002. 

This inspection was conducted in accordance with the “Quality 

Standards for Inspections” issued by the President’s Council on 

Integrity and Efficiency. 


We conducted the fieldwork portion of our review during 
January 2003 to June 2003. Our review included interviews with 
officials from the Livermore Site Office and Lawrence Livennore 
National Laboratory. In addition, we conducted inventory 
verification of a judgmental sampling of classified desktop 
computers. We also reviewed applicable policies and procedures 
and other records regarding property management and computers, 
including: 
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Appendix B 



Department of Energy 

National Nuclear Security Administration 

Washington, DC 20585 



NOV 1 8 2003 


MEMORANDUM FOR Alfred K. Walters 


Acting Assistant Inspector General 


for Inspections 



FROM: 


Michael C. Kane 
Associate Administrator 6 


7 


for Management and Administration 


SUBJECT: 


Comments to Draft Report; LLNL’s Control Over Classified 
Computers 


The Office of Inspector General (IG) issued their draft report, “Inspection of Internal Controls 
Over Classified Computers and Classified Removable Media at the Lawrence Livermore 
National Laboratory” on October 16, 2003. We appreciate having had the opportunity to 
have reviewed the draft report. NNSA understands that the objective of this inspection was 
to determine the adequacy of internal controls over the accountability of classified computers 
and classified computer removable media at the Lawrence Livermore National Laboratory 
(LLNL). 

While the IG Inspectors were able to account for all equipment selected for sampling (86 
laptops; 272 PCs; and 200 removable hard drives—all classified), the IG still concluded that 
there were significant inadequacies in the internal controls over classified computers and 
classified removable media at the Laboratory. The IG believed that LLNL’s failure to 
adequately enforce inventory and accountability requirements for classified items increases 
the vulnerability of classified computers and media, including critical NEST equipment, to 
loss, abuse, and theft. 

NNSA agrees with the report’s findings and recommendations. LLNL has implemented or is 
in the process of implementing corrective actions relating to the recommendations. Attached 
is NNSA’s management decision on the recommendations. 

If you have any questions, please contact Richard Speidel, Director, Policy and Internal 
Controls Management, at 202-586-5006. 

Attachment 

cc: Camille Yuan Soo Hoo, Manager, Livermore Site Office 
Robert Braden, Senior Procurement Executive, NA-63 
William Desmond, Director, Office of Nuclear Safeguards and 
Security Programs, NA-55 

David Marks, Field Chief Financial Officer, SvcCen/NV 
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National Nuclear Security Administration 
Management Decision 
to the Inspector General’s Draft Report 
“Inspection of Internal Controls Over Classified Computers 
and Classified Removable Media at the 
Lawrence Livermore National Laboratory” 


We recommend that the Manager, Livermore Site office, ensure that: 
Recommendation 1 


All NEST classified computer equipment and removable media are subjected to inventory 
reviews in accordance with DOE policy 

Management Decision 

Concur 

While the LLNL NEST Team has been very diligent in checking and inventorying their 
equipment, the inventories have not been performed using the two-person mle as required 
by DOE security policy. LLNL NEST personnel have been conducting weekly 
inventories in conjunction with their requirement to test the computer equipment. There 
are 177 inventory sheets covering the time period of January 2002 through October 2003. 
However, the form of the inventories was not one that led to an easy inspection because 
of changes in the format of the inventory chec kli st and multiple inventory locations. 

Some of the items had also been deployed to Rutland Air Force Base, but the 
accompanying receipts were not stapled to the inventory sheet. 

In addition, the draft report mentions that two NEST classified removable media were not 
being inventoried at all. In fact, the media was being inventoried annually and did not 
contain any sensitive data. This media will now be included in the future monthly 
inventories. 

Currently, LLNL is inventorying NEST computers and removable classified media using 
the two person rule. After the OIG exit conference, the LLNL Classified Matter 
Protection and Control Manager reviewed all of the inventory files and designed a new 
checklist that enables someone to easily verify the items being inventoried. It will be 
used for the next monthly inventory. LLNL NEST computer security will now validate 
that monthly inventories have been completed. NNSA LSO will validate that these 
corrective actions are in place by December 7, 2003. 
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Recommendation 2 


Livermore transfers the ownership of all SCAT classified desktop 
computers to the appropriate DOE sites and organizations. 

Management Decision 

Concur 

This discrepancy was apparently due to an oversight on the part of the 
LLNL property representative. LLNL has since transferred ownership of 
these computers to the appropriate DOE sites and organizations. The 
LLNL Property Manager met with the property representative involved in 
the transfer to coach the employee on property transfer procedures. We 
consider the actions taken responsive and complete. 

Recommendation 3 


Steps are taken to ensure that classified media is immediately controlled 
upon being designated as classified. 

Management Decision 

Concur 

This issue led to NNSA LSO issuing the following finding to LLNL in 
May 2003: LLNL Classified Matter Protection and Control practices do 
not ensure that all classified removable media are subjected to 
accountability controls as required. LLNL accountability processes do not 
address all material that should be accounted for and inventoried (03- 
LLNL-IS.2-001). Corrective Actions included: 

• A wall to wall assessment was completed on March 28, 2003 to 
identify if additional items were not in accountability. LLNL will 
conduct another wall to wall assessment in June 2004. 

• A working group was formed by the LLNL Director’s Office to 
identify and address root causes. A final report was delivered to LSO 
on June 10, 2003. 
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• Local operating plans were developed covering issues related to training 
requirements and notification to employees of local processes developed to 
ensure classified removable media were placed into accountability. Full 
implementation of these plans is expected by November 21, 2003. 
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IG Report No. DOE/IG-0628 

CUSTOMER RESPONSE FORM 


The Office of Inspector General has a continuing interest in improving the usefulness of its 
products. We wish to make our reports as responsive as possible to our customers’ requirements, 
and, therefore, ask that you consider sharing your thoughts with us. On the back of this form, 
you may suggest improvements to enhance the effectiveness of future reports. Please include 
answers to the following questions if they are applicable to you: 


1. What additional background information about the selection, scheduling, scope, or 
procedures of the inspection would have been helpful to the reader in understanding this 
report? 

2. What additional infonnation related to findings and recommendations could have been 
included in the report to assist management in implementing corrective actions? 

3. What fonnat, stylistic, or organizational changes might have made this report’s overall 
message more clear to the reader? 

4. What additional actions could the Office of Inspector General have taken on the issues 
discussed in this report which would have been helpful? 

5. Please include your name and telephone number so that we may contact you should we have 
any questions about your comments. 


Name _ Date 

Telephone _ Organization 


When you have completed this form, you may telefax it to the Office of Inspector General at 
(202) 586-0948, or you may mail it to: 


Office of Inspector General (IG-1) 
Department of Energy 
Washington, DC 20585 


ATTN: Customer Relations 

If you wish to discuss this report or your comments with a staff member of the Office of 
Inspector General, please contact Wilma Slaughter at (202) 586-1924. 



The Office of Inspector General wants to make the distribution of its reports as customer friendly and cost 

effective as possible. Therefore, this report will be available electronically through the Internet at the 

following address: 

U.S. Department of Energy Office of Inspector General Home Page 

http://www.ig.doe.gov 


Your comments would be appreciated and can be provided on the Customer Response Form 



